Computer Science Events
[PAST EVENT] Schmidt Family Distinguished Talk: Cristina Nita-Rotaru
Network-level Attacks in Federated Learning
Abstract:
Federated learning is a popular strategy for training models on distributed, sensitive data while preserving data privacy. In both centralized and peer-to-peer architectures, communication between participants (clients and server, or peers) plays a critical role in the performance of the learning task. We highlight how communication introduces another vulnerability surface in federated learning and study the impact of network-level adversaries on training federated learning models. In the first part of the talk, we focus on centralized architectures and show that attackers dropping the network traffic from carefully selected clients can significantly decrease model accuracy on a target population. We then show the effectiveness of our server-side defense, which mitigates the impact of our attacks by identifying and up-sampling clients likely to positively contribute towards target accuracy. In the second part of the talk, we focus on peer-to-peer federated learning. We propose new backdoor attacks that leverage structural communication graph properties to select the malicious nodes and achieve high attack success while remaining stealthy. We evaluate our attacks under various realistic conditions, including multiple graph topologies, limited adversarial visibility of the network, and clients with non-IID data. Finally, we show the limitations of existing defenses adapted from centralized federated learning and design a new defense that successfully mitigates the backdoor attacks without an impact on model accuracy.
Bio:
Cristina Nita-Rotaru is a Professor of Computer Science in the Khoury College of Computer Sciences at Northeastern University, where she leads the Network and Distributed Systems Security Laboratory (NDS2). Prior to joining Northeastern, she was a faculty member in the Department of Computer Science at Purdue University (2003 - 2015). She served as Associate Dean of Faculty at Northeastern University (2017 - 2020) and as an Assistant Director for CERIAS at Purdue University (2011 - 2013). Her research lies at the intersection of security, distributed systems, and computer networks. The overarching goal of her work is designing and building secure and resilient distributed systems and network protocols, with assurance that the deployed implementations meet their security, resilience, and performance goals. Her work received several best paper awards at NETYS 2023, ACM SACMAT 2022, IEEE SafeThings 2019, NDSS 2018, ISSRE 2017, and DSN 2015, two IETF/IRTF Applied Networking Research Prizes in 2018 and 2016, and a Test-of-Time award at ACM SACMAT 2022. She received the NSF Career Award in 2006.
Cristina Nita-Rotaru has served on the program committee of numerous conferences in networking, distributed systems and security such as IEEE S&P, USENIX Security, ACM CCS, NDSS, ACM Wisec, USENIX OSDI, USENIX ATC, ACM SOCC, ACM SIGCOMM, ACM CoNEXT, IEEE INFOCOM, IEEE ICNP, WWW, IEEE ICDCS, IEEE/IFIP DSN, Eurosys, and Euro S&P. She was an Associate Editor for Elsevier Computer Communications (2008 - 2011), IEEE Transactions on Computers (2011 - 2014), ACM Transactions on Information Systems Security (2009 - 2013), Computer Networks (2012 - 2014), IEEE Transactions on Mobile Computing (2011 - 2016), and IEEE Transactions on Dependable and Secure Systems (2013 - 2017). She was a member of the steering committee of ACM Wisec and IEEE/IFIP DSN. She is a member of the IFIP Working Group on Dependable Computing and Fault-tolerance and the Steering Committee of ACM SACMAT. She is the Chair of the Steering Committee of ISOC NDSS and the Vice-Chair of the IEEE Technical Community on Dependable Computing and Fault Tolerance (TCFT).
This talk is open to the public and is part of the distinguished speaker series sponsored by the Schmidt Family.